On two formal analyses of the Yahalom protocol

Lawrence C. Paulson

July 1997, 16 pages

Abstract

The Yahalom protocol is one of those analyzed by Burrows et al. in the
BAN paper. Based upon their analysis, they have proposed modifications
to make the protocol easier to understand and analyze. Both versions of
Yahalom have now been proved, using Isabelle/HOL, to satisfy strong
security goals. The mathematical reasoning behind these machine proofs
is presented informally.

The new proofs do not rely on a belief logic; they use an entirely
different formal model, the inductive method. They confirm the BAN
analysis and the advantages of the proposed modifications. The new proof
methods detect more flaws than BAN and analyze protocols in finer
detail, while remaining broadly consistent with the BAN principles. In
particular, the proofs confirm the explicitness principle of Abadi and
Needham.